Support for CAN/CIOSC 104:2021 compliance
We offer comprehensive support for the CAN/CIOSC 104:2021 security standard. Choose the expertise of the Microfix Team, your trusted partner, to guide you through this process with complete peace of mind!
How does CAN/CIOSC 104:2021 impact my business?
CAN/CIOSC 104:2021 is a Canadian national standard that establishes baseline cybersecurity controls specifically designed for small and medium-sized businesses (SMEs). It aims to provide SMEs with a solid basis for strengthening their cybersecurity.
What are the security measures of the CAN/CIOSC 104:2021 standard?
Basic cybersecurity controls
- Incident response plan
- Automatic updating of applications and operating systems
- Enabling security software
- Secure device configuration
- Data backup and encryption
- Setting up base defenses on the perimeter
- Access control and authorization
Cybersecurity controls specific to the operating environment
- Mobile security
- Security of cloud services and outsourced IT services
- Website security
- Removable media security
- Point of sale systems and financial systems
- Management of IT security logs
How can the Microfix Team help you optimize your compliance?
Microfix Team can provide expertise and support to a company to help it comply with CAN/CIOSC 104:2021 in several key ways:
Initial assessment: We begin by assessing your company’s current cybersecurity situation. This includes analyzing your systems, existing security policies and resources.
Consulting and planning: Based on the results of the assessment, we develop an action plan specific to your company to achieve compliance with the standard. This plan takes into account your level of cybersecurity maturity and your available resources.
Implementation of controls: We help you implement the security controls required by CAN/CIOSC 104:2021. This includes configuring systems, enabling security software, implementing robust authentication policies, and any other controls that need to be put in place.
Training and awareness: We organize training sessions to raise awareness among your employees of good cybersecurity practices.